Morning Overview on MSN

Microsoft’s new AI Notepad just opened a terrifyingly easy hacker loophole

A command injection flaw in the Windows Notepad App now gives remote attackers a path to execute code over a network, turning ...
SecurityWeek

Critical N8n Sandbox Escape Could Lead to Server Compromise

A critical n8n flaw could allow attackers to use crafted expressions in workflows to execute arbitrary commands on the host.
Bleeping Computer

New macOS zero-day bug lets attackers run commands remotely

Security researchers disclosed today a new vulnerability in Apple's macOS Finder, which makes it possible for attackers to run commands on Macs running any macOS version up to the latest release, Big ...
Bleeping Computer

Ivanti warns of Connect Secure zero-days exploited in attacks

Ivanti has disclosed two Connect Secure (ICS) and Policy Secure (IPS) zero-days exploited by suspected Chinese hackers in the wild that can let remote attackers execute arbitrary commands on targeted ...
Dark Reading

Attackers Exploit Zero-Day in End-of-Life D-Link Routers

Attackers are actively exploiting a zero-day vulnerability in multiple discontinued D-Link DSL gateway devices to execute arbitrary shell commands on affected products. Most of the gateways under ...
SecurityWeek

Fortinet Patches High-Severity Vulnerabilities

Fortinet has fixed nine vulnerabilities, including high-severity command execution and authentication bypass flaws.
CSOonline

Cisco’s ISE bugs could allow root-level command execution

Cisco is warning enterprise admins of two critical flaws within its identity and access management (IAM) solution, Identity Services Engine (ISE), that could allow attackers to obtain unauthorized ...